Loopback and VLANs

We have all switches in a private subnet and currently the router holds an IP address for these switches so they are reachable from the router on the primary interface, which is for public access.

I thought it made sense to put the private IP for the switches in a loopback interface but I would also need to change the VLAN for the loopback which does not seem possible?

Is this possible?

Gary

Reply to
Gary

What you want to do is route to the loopback interface, so the switch needs to advertise its loopback address into whatever routing protocol you are using.

M
Reply to
Mark Lar

It is a Cisco 6500/Sup 720E-3BXL and I cannot understand how that would get the Loopback address in the right VLAN. The default VLAN on the network is not 1 as we have changed it to be much higher.

Can you add more details to your idea?

Thanks Gary

Reply to
Gary

I think we need some more information from you.

1. Are you using an L2 switch or L3?
2. On which VLAN is your router working?
3. What is your management VLAN on the switch?
4. Is your VLAN 1 enabled or disabled?
5. Who is doing inter-VLAN in your network?
6. Any other service that you are using, like NAT, which will enable you to get access to the router to go out?

Please provide this information, which will help us to give you an idea.

kamlesh

Reply to
Kamlesh Sharma

Gary,

Loopback interface is not routable. Any IP packet with an address in the 127.x.x.x range will be dropped by any network device. Usually the only loopback address used by the device is 127.0.0.1. In the Catalyst 6500 you may have a couple of IP addresses, which will address different cards (for ex. MSFC versus Sup730), but again they are all internal.

What's the best practice for switch management? Create a separate management VLAN, do trunks between all switches, and assign all switches' management interfaces to this VLAN. If you need to access the switches from one management console, connect this console to the same VLAN. Since you will not have a corresponding IP interface for this VLAN, nobody will be able to access these switches. If you do need to access them through the network, though, you will need to create the VLAN interface on your router, but you may put access lists to limit access to these switches.

Mike


Reply to
CiscoHeadsetAdapter.com

Gary,

The loopback interface (lo0) isn't associated with any particular VLAN; it's local to the device itself as an "internal" interface that needs to be routed to (within the device) to reach it.

Set it up with a /32 netmask on each device, and allocate them in an ordinal fashion in the same classful network that doesn't overlap with any of your existing network ranges. Each device will need to route the assigned /32 address to the loopback interface; you will need some form of static or dynamic route to do this. A dynamic routing protocol is best, as you'll end up going mad adding dozens of /32 static routes throughout your network.

M.

Reply to
Mark Lar
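
The loopback setup described in the reply above, written out as a Cisco IOS configuration. This is an added example, not part of the original thread or any poster's own configuration. The addresses, the ACL name, and the choice of OSPF (process 1, area 0) are assumptions, and it presumes the switch's routed uplinks already run that protocol.

```cisco
! Constructed example: every address and name below is an assumption.
!
! The loopback belongs to no VLAN. It is reached by routing, so it gets
! a /32 taken from a range that overlaps nothing else on the network.
interface Loopback0
 description Management address (constructed)
 ip address 10.255.0.11 255.255.255.255
!
! Advertise the /32 into the routing protocol in use (OSPF assumed here),
! so other devices learn a route to it without per-device static routes.
router ospf 1
 network 10.255.0.11 0.0.0.0 area 0
!
! Restrict which hosts may open a management session to the device,
! following the access-list suggestion made earlier in the thread.
ip access-list standard MGMT-HOSTS
 remark Constructed management-station subnet
 permit 192.168.50.0 0.0.0.255
 deny   any
!
line vty 0 4
 access-class MGMT-HOSTS in
```

Each further switch would take the next /32 from the same range (10.255.0.12, 10.255.0.13, and so on in this constructed scheme).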
